
Create-read-only-user.md


Create a read-only user in the mon namespace

Step 1: create namespace

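# Create the namespace idempotently: rendering the object client-side and
# applying it means re-running this step does not fail when "mon" already
# exists, matching the `kubectl apply` used by the later steps.
kubectl create namespace mon --dry-run=client -o yaml | kubectl apply -f -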

Step 2: create service account

# ServiceAccount "ahmad" in namespace "mon": the identity that the read-only
# Role is later bound to and that the token is issued for.
kubectl apply -f - <<'EOF'
apiVersion: v1
kind: ServiceAccount
metadata:
  namespace: mon
  name: ahmad
EOF

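Step 2: create role (API groups: all; resources: all; verbs: get, watch, list). Because the resource wildcard also covers Secrets, anything bound to this read-only role can read every Secret in the mon namespace.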

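# Namespaced Role "reader": get/watch/list on every resource of every API
# group, limited to the "mon" namespace.
kubectl apply -f - <<'EOF'
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  namespace: mon
  name: reader
rules:
# "*" matches every API group; "" on its own would select only the core group.
- apiGroups: ["*"]
  # "*" matches every resource type, Secrets included, so any subject bound to
  # this Role can read all Secret values in the namespace. List the resources
  # explicitly here if that is not intended.
  resources: ["*"]
  # Read-only verbs: no create, update, patch or delete.
  verbs: ["get", "watch", "list"]
EOF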

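Step 3: create role binding (role: reader, service account: ahmad). This is a namespaced RoleBinding to a Role, not a ClusterRoleBinding, so the access it grants is limited to the mon namespace.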

# RoleBinding "reader": grants the namespaced Role "reader" to the
# ServiceAccount "ahmad". Binding, Role and subject all live in "mon".
kubectl apply -f - <<'EOF'
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  namespace: mon
  name: reader
subjects:
- kind: ServiceAccount
  namespace: mon
  name: ahmad
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: reader
EOF

Step 4: get token for ahmad service account

# Request a bearer token for the "ahmad" service account and print it to
# stdout. No --duration is passed, so the API server chooses the lifetime.
# The output is a credential: keep it out of logs and shell history.
kubectl create token ahmad --namespace mon